Watchman – Your Malware Alert Bot with Notion, Slack, And BetterUptime Integration

The vigilant configuration change alerting and incident escalation bot designed to safeguard your digital world.

In this article, we’ll explore how Watchman seamlessly integrates with popular tools like Notion, Slack, and BetterUptime to provide real-time protection against malware threats.

Discover how to set up Watchman and bolster your cybersecurity defenses with ease.

watchman is a configuration change alerting and incident escalation bot for Kandji malware threats that integrates with Notion, Slack and BetterUptime.

watchman knows all, watchman sees all.

Get Started

watchman is built and deployed using SST.

Quick Start

Ensure you have a valid AWS account configured. If not, run:

aws configure

Then you can initialize SST and deploy a stack. This will take a while:

pnpm i
pnpm dev

You will need to initialize some secrets. Get these values from BetterUptime, Notion, Kandji, and Slack:

pnpm sst secrets set BETTERUPTIME_API_KEY "<REPLACE_KEY_HERE>" # "--stage prod" if you're setting for prod
pnpm sst secrets set KANDJI_API_KEY "<REPLACE_KEY_HERE>" # "--stage prod" if you're setting for prod
pnpm sst secrets set SLACK_WEBHOOK "<REPLACE_WEBHOOK_HERE>" # "--stage prod" if you're setting for prod
pnpm sst secrets set NOTION_API_KEY "<REPLACE_KEY_HERE>" # "--stage prod" if you're setting for prod
pnpm sst secrets set NOTION_DATABASE_ID "<REPLACE_ID_HERE>" # "--stage prod" if you're setting for prod

After you’re done, remember to clean up:

pnpm run remove

Tamil S

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.